As far as I understand on Stack Overflow and Code Review, only smaller amounts of code are posted. It is expected to post the code there, and a whole project is way too much for one question.

On a more complex project, a local password storage (encrypted file database, leveraging lots of security techniques), I want to get feedback. How can I publish the whole project to achieve constructive feedback?

I thought about a Codeplex, Sourceforge or GitHub project. Perhaps a CodeProject article is best, but I think that is better written by extreme specialists.

Perhaps starting a blog is a way, but I think that this would not attract much audience.

Which license is best used to publish it, make it available for usage (with authorization maybe) and achieve comments from the public?

Right now, as this is the third time asking that question (immediately closed on Stack Overflow and migrated to Code Review), I don't think I can even attract much attention on that question. Is it best to resign from that?

\$\begingroup\$Side question: how to get feedback at all? I'm not having much luck here. My questions look good to me, but I guess they don't look good to others? =/\$\endgroup\$
– DaggApr 19 '13 at 14:30

1 Answer
1

I think you might be expecting too much. People here do want to help you by reviewing your code, but there is a limit on that.

Maybe what you could do is to cut up your project into manageable pieces and ask a separate question about each part here.

Also, if you want to get good (or any) answers on sites like SO and CR, you should first read the FAQ. If you did that, you would realize neither SO nor CR itself is the right place for a question like this one (meta.CR is, as you already discovered).

\$\begingroup\$It is particularly difficult to find a good place to ask such a question. Of course I read the FAQ and I already asked and answered lots of questions. On SO there are questions that are equally associated to programming like my question. On CR only smaller amounts of code are good for review, but review is the whole theme there. Smaller pieces of a project are not as good as the whole project, especially in a security background.\$\endgroup\$
– Mare InfinitusApr 11 '13 at 6:28

\$\begingroup\$@MareInfinitus But your question is not about programming, it's about asking specific questions about programming. Also, I think you really shouldn't rely on the kindness of strangers when it comes to security.\$\endgroup\$
– svickApr 11 '13 at 11:50

\$\begingroup\$Then there are lots of questions that are not about programming. How about the "devise an algorithm to pair socks" kind of question. It has clearly something to do with programming, just as publishing code has. No, I will not rely on strangers, there will be an review of the code, perhaps it is best to not publish code at all (as the article on coding horror shows)\$\endgroup\$
– Mare InfinitusApr 11 '13 at 15:45